package com.miaoxie.forum.module.auth.shared.interceptor;


import com.miaoxie.forum.module.auth.shared.security.SecurityNonCheckRequired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;


/**
 * 访问权限控制拦截器,在每次请求处理之前进行拦截
 */
public class SecurityInterceptor extends HandlerInterceptorAdapter {
    @Override
    public boolean preHandle(HttpServletRequest request,
                             HttpServletResponse response, Object handler) throws Exception {

        HandlerMethod handleMethod = (HandlerMethod) handler;
        Method method = handleMethod.getMethod();
        /**
         * 检查请求处理器是否附带有注解 @SecurityNonCheckRequired，如果存在则免检查
         */
        if (method != null && !(method.isAnnotationPresent(SecurityNonCheckRequired.class)
                || handleMethod.getBeanType().isAnnotationPresent(SecurityNonCheckRequired.class))) {
        }
        return true;
    }

}
